The Network Never Lies

Sometimes the best clues to a security breach aren’t found in the contents of the files that are traversing your network. Instead, they’re found in the details of the network metadata. An unusually large data transfer associated with simple web-browsing traffic can indicate the injection of malware. Also, an examination of any changes in an attached file’s entropy can reveal encryption or compression activities that can indicate the addition of embedded malware.